Nuno Silva wrote:
Hi there Dan.
I'm having the same problem, i have read many diferent 'recipes' to put
wcccpv2 working on squid, but nothing yet.
In all posts I read, i done everything, ipforward set to 1, gre tunnel,
iptables, and the only thing I can see is the browser message saying
that the server is taking too long to respond
router#*sh ip wccp*
Global WCCP information:
Router information:
Router Identifier: 194.xxx.xxx.xxx
Protocol Version: 2.0
Service Identifier: web-cache
Number of Cache Engines: 1
Number of routers: 1
*_Total Packets Redirected: 1168_*
Redirect access-list: wccp-redirect
Total Packets Denied Redirect: 51649
Total Packets Unassigned: 11
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
Total Bypassed Packets Received: 0
When the packets start to be redirect to the squid, I start getting
delays…the the failing message L
On the Squid side, monitoring the gre1 tunnel, I can see incoming traffic:
gre1 Link encap:UNSPEC HWaddr
C2-41-97-F9-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:127.0.0.2 P-t-P:127.0.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MTU:1476 Metric:1
*RX packets:38903* errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
*RX bytes:5151686* (4.9 MiB) TX bytes:0 (0.0 b)
*squid:/home/pp# iptables -t nat -L*
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:www
redir ports 3128
REDIRECT tcp -- anywhere anywhere tcp
dpt:webcache redir ports 3128
REDIRECT tcp -- anywhere anywhere tcp
dpt:8000 redir ports 3128
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Try adding this to iptables:
iptables -t nat -A POSTROUTING -j MASQUERADE
also what is the status of these as relating to web traffic to/from squid:
iptables -t filter -L *
Thing to look out for in Nuno's problem is traffic from the squid box
being redirected back at itself anywhere down the chain. In squid box
iptables and also the cisco box.
Amos
I need held to find out what’s wrong!
Router info:
IOS Software, 7200 Software (C7200-P-M), Version 12.2(25)S5, RELEASE
SOFTWARE (fc1)
-----Mensagem original-----
De: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx]
Enviada: quarta-feira, 10 de Setembro de 2008 3:48
Para: Dan Letkeman
Cc: squid-users
Assunto: Re: wccp working config example
> Hello,
>
> I have spent all day working on trying to get a working wccp config
> with squid and a 2811 router running (C2800NM-ADVENTERPRISEK9-M),
> Version 12.4(21)
>
> I have had it working before with a 2621 router running a 12.3 ios.
>
> I have read about 20 different posts/blogs with various different
> instructions. If anyone has any configuration example or instruction
> list that is complete for a certain version of squid/linux/ios I would
> like to give it a try.
WCCP is a little tricky as there are three parts to the config and all
three are completely interchangeable depending on the hardware and squid
release involved.
We are building a section in the config examples wiki pages to help
though. http://wiki.squid-cache.org/ConfigExamples/Intercept
The two pieces currently there already for WCCPv2 combine to a working
config Cisco->FreeBSD for reference. Some older examples not yet checked
and cleaned up are in http://wiki.squid-cache.org/ConfigExamples with Wccp
in their names.
If you get the config for your router going I'd be interested in adding
the bits for future reference.
Amos
No virus found in this incoming message.
Checked by AVG - http://www.avg.com
Version: 8.0.169 / Virus Database: 270.6.19/1663 - Release Date:
09-09-2008 19:04
--
Please use Squid 2.7.STABLE4 or 3.0.STABLE8
